Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bn/bn_exp.c: harmonize BN_mod_exp_mont_consttime with negative input. #4676

Closed
wants to merge 1 commit into from
Closed

bn/bn_exp.c: harmonize BN_mod_exp_mont_consttime with negative input. #4676

wants to merge 1 commit into from

Conversation

dot-asm
Copy link
Contributor

@dot-asm dot-asm commented Nov 5, 2017

All exponentiation subroutines but BN_mod_exp_mont_consttime produce
non-negative result for negative input, which is confusing for fuzzer.

bn/bn_exp.c: harmonize BN_mod_exp_mont_consttime with negative input.
0d828b8 
All exponentiation subroutines but BN_mod_exp_mont_consttime produce
non-negative result for negative input, which is confusing for fuzzer.
@kroeckx
Copy link
Member

kroeckx commented Nov 5, 2017

Since this is called the consttime version, does this change anything in this being consttime?

@dot-asm
Copy link
Contributor Author

dot-asm commented Nov 5, 2017
edited

Since this is called the consttime version, does this change anything in this being consttime?

No. Well, it's a trick question. I can't see that BN_mod or BN_nnmod are constant-time, but in real life applications such as RSA inputs are reduced [and positive], so that they are not called.

EDIT: Bottom line is that constant-time-ness is not changed.

@dot-asm dot-asm added the approval: review pending This pull request needs review by a committer label Nov 16, 2017
@kroeckx kroeckx added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Nov 16, 2017
dot-asm pushed a commit to dot-asm/openssl that referenced this pull request Nov 17, 2017
bn/bn_exp.c: harmonize BN_mod_exp_mont_consttime with negative input.
c1ec4db 
All exponentiation subroutines but BN_mod_exp_mont_consttime produce
non-negative result for negative input, which is confusing for fuzzer.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from openssl#4676)
@dot-asm dot-asm closed this Nov 17, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kroeckx kroeckx kroeckx approved these changes

@paulidale paulidale paulidale approved these changes

Assignees
No one assigned
Labels
approval: done This pull request has the required number of approvals
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@dot-asm @kroeckx @paulidale